<!DOCTYPE html>
<html lang="en">
<body>
<?php


function test_input($data)
{
    $data = trim($data);
    $data = stripslashes($data);
    $data = htmlspecialchars($data);
    return $data;
}

function purifyHtml($untrustedHtml)
{
    // Basic setup without a cache
    $config = HTMLPurifier_Config::createDefault();
    $config->set('Core', 'Encoding', 'UTF-8');
    $config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
// Create the whitelist
    $config->set('HTML.Allowed', 'p,b,a[href],i'); // basic formatting and links
    $sanitiser = new HTMLPurifier($config);
    $output = $sanitiser->purify($untrustedHtml);
    return $output;
}

function checkProduct($product)
{
    $output = $product;
    if (!empty($output)) {
        return $output;
    } else {
        return false;
    }
}

function checkYear($year)
{
    if (is_numeric($year)) {
        $input = (int)$year;
        if ($input > 2019) {
            return $input;
        }
    } else {
        return false;
    }
}

function checkNumber($number)
{
    if (is_numeric($number)) {
        $input = (int)$number;
        if ($input >= 50 and $input <= 100) {
            return $input;
        }
    } else {
        return false;
    }
}

function displayMessage($mess)
{
    echo "Form validation failed!";
    echo "<pre>";
    foreach ($mess as $key => $item) {
        echo "$item <br>";
    }
    echo "</pre>";
}

$product_name = $year = $number = "";
$error = array();

if (!empty($_POST)) {
    $fields = array('product_name', 'year', 'number');
    foreach ($fields as $v) {
        $save_data[$v] = isset($_POST[$v]) ? test_input($_POST[$v]) : false;
        if ($save_data[$v] == false) {
            $error[$v] = $v . 'cannot be empty ';
            displayMessage($error);
            break;
        }
    }
    $result = checkProduct($save_data['product_name']);
    if ($result == false) {
        $error['product_name'] = "Product name validation failed.";
    } else {
        $save_data['product_name'] = $result;
    }

    $result = checkYear($save_data['year']);
    if ($result == false) {
        $error['year'] = "Year validation failed. Must be number and > 2019";
    } else {
        $save_data['year'] = $result;
    }
    $result = checkNumber($save_data['number']);
    if ($result == false) {
        $error['number'] = "Number validation failed. Must be number and between 50-100";
    } else {
        $save_data['number'] = $result;
    }

    if (empty($error)) {
        try {
            $file = file_get_contents('data/stock.json');
            $data = json_decode($file, true);
//            $data["product_list"] = array_values($data["product_list"]);
            $data[] = $save_data;
            $result = file_put_contents("data/stock.json", json_encode($data));

            if ($result === false) {
                $error['save_data'] = 'the data file cannot be read';
            } else {
                $message = 'submit product info successfully!';
                echo $message;
            }
        } catch (Exception $e) {
            $error['save_data'] = 'the data file cannot be read';
            displayMessage($error);
        }
    } else {
        displayMessage($error);
    }
}


?>

</body>

